Certificate Transparency Trust Services Forum - CA Day 2019

Ryan Sleevi / [email protected]

Agenda
● What is Certificate Transparency?
● Status in Browsers
● Use by Certificate Authorities
● Real World Certificate Transparency
● Certificate Transparency for CABs
● Non-TLS Certificates and CT

What is Certificate Transparency?

CT as a Technology
● Defined in RFC 6962
● Cryptographically-verifiable, append-only, auditable log of issued certificates
  ○ A ledger
  ○ A blockchain
  ○ A database
  ○ An audit log
● Protocol for recording and reviewing certificate issuance practices

CT as an Ecosystem
● Not a single ecosystem, but many ecosystems, some overlapping, each serving different needs
● Key Participants:
  ○ CAs
  ○ Logs
  ○ Compliance Checkers

CT in the Web’s PKIs
● >30 public, world-readable/writable logs, from 4 different operators
  ○ Constantly adding more
● Contain TLS server certificates intended to be used in various Web browsers
● Important: Any data in a TLS certificate trusted by a browser is treated as public data

Status in Browsers

Google Chrome
Google Chrome requires that all Extended Validation (EV) certificates issued after 1 Jan 2015 be CT Qualified in order to be recognized as EV, and that all publicly-trusted TLS certificates issued after 30 April 2018 be CT Qualified in order to be recognized as valid.
- Certificate Transparency in Chrome

Apple
Publicly trusted Transport Layer Security (TLS) server authentication certificates issued after October 15, 2018 must meet Apple's Certificate Transparency (CT) policy to be evaluated as trusted on Apple platforms.
- Apple’s Certificate Transparency Policy

Use by Certificate Authorities

Certificates issued May 2018, measured July 2018
CA Operators where not all certs have SCTs:
  274  SwissSign AG
  138  行政院 (Taiwan GRCA)
   25  Entrust, Inc.
   24  DigiCert Inc
   22  Government of Korea
   19  ICP-Brasil
   18  Dreamcommerce S.A.
   17  Unizeto Technologies S.A.
   16  NetLock Kft.
   11  GlobalSign nv-sa
    7  Microsoft Corporation
    7  MULTICERT
    7  T-Systems International GmbH
    5  SCEE
    4  Amazon
    3  Deutsche Post
    3  certSIGN
    2  Entrust
    2  QuoVadis Limited
    2  U.S. Government
    2  Southern Company Services, Inc.
    1  ...12 more...

Certificates issued May 2018, measured July 2018
“We find that CT has so far been widely adopted with minimal breakage and warnings.”
- Does Certificate Transparency Break the Web? Measuring Adoption and Error Rate, Proceedings of the IEEE Symposium on Security & Privacy (2019)

Real World Certificate Transparency

Detect Unauthorized Certificates
Facebook - Source: Early Impacts of Certificate Transparency, facebook.com
Google - Source: Improved Digital Certificate Security, security.googleblog.com

Detect Problematic Certificates

Problematic Certificates
● Don’t follow the Certification Practices Statement
● Don’t follow the Certificate Profile
● Don’t follow the Trust Framework Requirements
  ○ Root Program Requirements
  ○ Audit Criteria (WebTrust, ETSI ESI)
  ○ IETF RFCs
● Don’t have the required services (OCSP, CRL, AIA, CP/CPS)

Bugzilla CA Incidents - 2016-01-01 to 2019-09-18

Open Source Problem Detection

CT Search Engines
Censys: Startup spun out of the University of Michigan. A search engine for data from Internet-wide crawls that also incorporates CT data. From the research team that developed ZLint.
crt.sh: From Sectigo, an open-source search engine for Certificate Transparency that also has the ability to execute linters as certificates are found.

Linters
certlint: Developed and open-sourced by Amazon, a C + Ruby linter that compiles the ASN.1 modules to ensure valid DER, as well as CA/Browser Forum-specific checks.
ZLint: Developed as part of research at the University of Michigan into problematic certificates, performs comprehensive checks against the policy requirements of the Baseline Requirements.

Internet Scale Search + Automated Testing Tools = Internet Scale Compliance Issues

Certificate Transparency for CABs
Certificate Transparency = 100% Sampling
Linters = Test Suites

Example of a Problematic Cert
Source: https://crt.sh/?id=1723124144

All Systems Lint
Test for Failure as well as Success
All Tests Pass? Not quite
Tests the tests
Test against the CP and CPS
Certificate Profile Misconfiguration
Certificate Profile Misconfiguration (continued)

Thanks!
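The "cryptographically-verifiable, append-only, auditable log" on the CT as a Technology slide rests on the Merkle Tree Hash of RFC 6962 section 2.1. The Python below is an added example, not part of Ryan Sleevi's deck: it implements the RFC's leaf and node hashing, the tree hash MTH(D[n]) and the inclusion-proof path PATH(m, D[n]), so an auditor can recompute a tree head from one entry plus its proof; the function names and the byte-string entries fed to it are this example's own choices.

```python
import hashlib

def leaf_hash(entry):
    # RFC 6962 leaf hash: SHA-256(0x00 || entry); the prefix separates leaves from nodes
    return hashlib.sha256(b"\x00" + entry).digest()
def node_hash(left, right):
    # RFC 6962 interior node hash: SHA-256(0x01 || left || right)
    return hashlib.sha256(b"\x01" + left + right).digest()

def split_point(n):
    # Largest power of two strictly smaller than n (n >= 2): the left subtree size
    return 1 << ((n - 1).bit_length() - 1)

def merkle_tree_hash(entries):
    # MTH(D[n]) from RFC 6962 section 2.1; the empty tree hashes the empty string
    n = len(entries)
    if n == 0:
        return hashlib.sha256(b"").digest()
    if n == 1:
        return leaf_hash(entries[0])
    k = split_point(n)
    return node_hash(merkle_tree_hash(entries[:k]), merkle_tree_hash(entries[k:]))

def inclusion_proof(m, entries):
    # PATH(m, D[n]): sibling hashes from the leaf up to the root, as a log serves them
    n = len(entries)
    if n == 1:
        return []
    k = split_point(n)
    if m < k:
        return inclusion_proof(m, entries[:k]) + [merkle_tree_hash(entries[k:])]
    return inclusion_proof(m - k, entries[k:]) + [merkle_tree_hash(entries[:k])]

def root_from_proof(m, n, lh, path):
    # Recompute the root an auditor expects from leaf hash lh and its sibling path
    if n == 1 and not path:
        return lh
    if n == 1 or not path:
        raise ValueError("proof length does not match tree size")
    k = split_point(n)
    if m < k:
        return node_hash(root_from_proof(m, k, lh, path[:-1]), path[-1])
    return node_hash(path[-1], root_from_proof(m - k, n - k, lh, path[:-1]))

def verify_inclusion(entry, m, n, path, root):
    # True only if entry is leaf m of the size-n tree whose signed tree head is root
    try:
        return 0 <= m < n and root_from_proof(m, n, leaf_hash(entry), path) == root
    except ValueError:  # malformed proof length
        return False
```

With constructed entries such as entries = [b"cert-%d" % i for i in range(7)], verify_inclusion(entries[5], 5, 7, inclusion_proof(5, entries), merkle_tree_hash(entries)) returns True, while a forged entry, a wrong leaf index or a truncated path returns False.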
